app check

3 years ago · 4c0d85ce14
3 changed files with 123 additions and 66 deletions
--- a/code/VideoAccess-VCMP/api/app/lib/controllers/application/index.js
+++ b/code/VideoAccess-VCMP/api/app/lib/controllers/application/index.js
@ -4,76 +4,78 @@ const moment = require('moment')
 const uuid = require('uuid');

 async function check (ctx) {
-    try {
-        const { models } = this.fs.dc;
-        const { appKey, appSecret } = this.request.body;
-        const existRes = await models.Application.findOne({
-            where: {
-                appKey: appKey,
-                appSecret: appSecret,
-            }
-        })
-        if (!existRes) {
-            throw '应用不存在'
-        } else if (existRes.forbidden) {
-            throw '应用已被禁用'
-        }
-        ctx.status = 204;
-    } catch (error) {
-        ctx.fs.logger.error(`path: ${ctx.path}, error: ${error}`);
-        ctx.status = 400;
-        ctx.body =
-            typeof error == 'string' ? {
-                message: error
-            } : error
-    }
+   try {
+      const { models } = this.fs.dc;
+      const { Authorization } = ctx.headers;
+      const { utils: { oauthParseAuthHeader, oauthParseBody } } = ctx.app.fs
+      const keySplit = await oauthParseAuthHeader(Authorization);
+      const existRes = await models.Application.findOne({
+         where: {
+            appKey: keySplit[0],
+            appSecret: keySplit[1],
+         }
+      })
+      if (!existRes) {
+         throw '应用不存在'
+      } else if (existRes.forbidden) {
+         throw '应用已被禁用'
+      }
+      ctx.status = 204;
+   } catch (error) {
+      ctx.fs.logger.error(`path: ${ctx.path}, error: ${error}`);
+      ctx.status = 400;
+      ctx.body =
+         typeof error == 'string' ? {
+            message: error
+         } : error
+   }
 }

 async function edit (ctx, next) {
-    let errMsg = '创建应用失败'
-    const transaction = await ctx.fs.dc.orm.transaction();
-    try {
-        const { models } = ctx.fs.dc;
-        const { userId } = ctx.fs.api
-        const data = ctx.request.body;
+   let errMsg = '创建应用失败'
+   const transaction = await ctx.fs.dc.orm.transaction();
+   try {
+      const { models } = ctx.fs.dc;
+      const { userId } = ctx.fs.api
+      const data = ctx.request.body;

-        if (data.id) {
-            // 修改
-            const storageData = Object.assign({}, data,)
-            await models.Application.update(storageData, {
-                where: {
-                    id: data.id
-                },
-                transaction
-            })
-        } else {
+      if (data.id) {
+         // 修改
+         const storageData = Object.assign({}, data,)
+         await models.Application.update(storageData, {
+            where: {
+               id: data.id
+            },
+            transaction
+         })
+      } else {

-            // 添加           
-            const storageData = Object.assign({}, data, {
-                appKey: uuid.v4(),
-                appSecret: uuid.v4(),
-                createUserId: userId,
-                createTime: moment().format(),
-                forbidden: true
+         // 添加           
+         const storageData = Object.assign({}, data, {
+            appKey: uuid.v4(),
+            appSecret: uuid.v4(),
+            createUserId: userId,
+            createTime: moment().format(),
+            forbidden: true

-            })
-            await models.Application.create(storageData, { transaction })
-        }
+         })
+         await models.Application.create(storageData, { transaction })
+      }

-        await transaction.commit();
-        ctx.status = 204;
-    } catch (error) {
-        await transaction.rollback();
-        ctx.fs.logger.error(`path: ${ctx.path}, error: ${error}`);
-        ctx.status = 400;
-        ctx.body = {
-            message: errMsg
-        }
-    }
+      await transaction.commit();
+      ctx.status = 204;
+   } catch (error) {
+      await transaction.rollback();
+      ctx.fs.logger.error(`path: ${ctx.path}, error: ${error}`);
+      ctx.status = 400;
+      ctx.body = {
+         message: errMsg
+      }
+   }
 }


 module.exports = {
-    check,
-    edit,
+   check,
+   edit,
 };
--- a/code/VideoAccess-VCMP/api/app/lib/routes/application/index.js
+++ b/code/VideoAccess-VCMP/api/app/lib/routes/application/index.js
@ -5,10 +5,13 @@ const application = require('../../controllers/application');

 module.exports = function (app, router, opts) {

-    // app.fs.api.logAttr['GET/application'] = { content: '获取应用信息', visible: false };
-    // router.get('/application', application.get);
+   app.fs.api.logAttr['GET/application/check'] = { content: '检查应用状态', visible: false };
+   router.get('/application/check', application.check);
+
+   // app.fs.api.logAttr['GET/application'] = { content: '获取应用信息', visible: false };
+   // router.get('/application', application.get);
+
+   app.fs.api.logAttr['POST/application'] = { content: '创建/修改应用', visible: false };
+   router.post('/application', application.edit);

-    app.fs.api.logAttr['POST/application'] = { content: '创建/修改应用', visible: false };
-    router.post('/application', application.edit);
-   
 };
--- a/code/VideoAccess-VCMP/api/app/lib/utils/oauth2.js
+++ b/code/VideoAccess-VCMP/api/app/lib/utils/oauth2.js
@ -0,0 +1,52 @@
+module.exports = function (app, opts) {
+    async function oauthParseAuthHeader (auth) {
+        if (!auth) {
+            throw new Error('参数无效: 未包含Authorization头');
+        }
+
+        const authSplit = auth.split('Basic');
+        if (authSplit.length != 2) {
+            throw new Error('参数无效: Authorization头格式无效，请检查是否包含了"Basic "');
+        }
+
+        const authCode = authSplit[1];
+        const apikey = Buffer.from(authCode, 'base64').toString();
+
+        const keySplit = apikey.split(':');
+        if (keySplit.length != 2) {
+            throw new Error('参数无效：请检查Authorization头内容是否经过正确Base64编码');
+        }
+        
+        return keySplit;
+    }
+
+    async function oauthParseBody (body, type) {
+        let checked = true, token = '';
+        if (type == 'apply' && body['grant_type'] != 'client_credentials') {
+            checked = false;
+        } else if (type == 'refresh') {
+            if (body['grant_type'] != 'refresh_token' || body['token'] == null) {
+                checked = false;
+            } else {
+                token = body['token'];
+            }
+        } else if (type == 'invalidate') {
+            if (body['token'] == null) {
+                checked = false;
+            } else {
+                token = body['token'];
+            }
+        }
+
+        if (!checked) {
+            throw new Error('参数无效：请求正文中未包含正确的信息');
+        }
+
+        return token;
+    }
+
+    return {
+        oauthParseAuthHeader,
+        oauthParseBody
+    }
+}